Users keep logged-in despite Multi-factor Authenti... - ServiceNow Community

Users keep logged-in despite Multi-factor Authentication

Mark Roethof
Tera Patron
Tera Patron

‎02-28-2021 09:56 PM - edited ‎08-12-2024 09:09 AM

Articles, Blogs, Videos, Podcasts, Share projects - Experiences from the field

 

Hi there,

 

So you've activated the ServiceNow Multi-factor Authentication plugin on your instance. A nice step in your security hardening. Though while testing you are noticing that somehow, you don't have to login every time. You don't have to use your authenticator app every time. How come? This actually breaks down a part of the reason for applying Multi-factor Authentication.

 

Sharing what I've experienced with a recent customer on this.


Authentication information is cached

If you are experiencing a situation like described above, where you don't have to login every time: most likely, your authentication information is cached.


Remember me

When the Remember me checkbox is selected at login, an additional cookie is stored on the user's computer to automatically re-establish the session for the logged-in user upon subsequent visits. One of the effects of this is that - although you have Multi-factor Authentication enabled - the user does not have to login every time, the user does not have to use your authentication app every time.

 

find_real_file.png


glide.ui.forgetme

To disable the Remember me functionality, there's an out-of-the-box System Property: "glide.ui.forgetme". Even though it's best practice to have the Remember me functionality disabled, I do see this enabled at multiple customer instances. To disable the Remember me functionality, you would only need to change the system property value to true.

 

find_real_file.png


Result

The user would now be automatically logging out of the instance when their session expires. With this, you would need to log in every new session again, and with that applying your authentication app every time.
Another security issue fixed!

---

 

And that's it actually. Hope you like it. If any questions or remarks, let me know!

 

C

If this content helped you, I would appreciate it if you hit bookmark or mark it as helpful.

 

Interested in more Articles, Blogs, Videos, Podcasts, Share projects I shared/participated in?
- Articles, Blogs, Videos, Podcasts, Share projects - Experiences from the field

 

Kind regards,


Mark Roethof

ServiceNow Technical Platform Architect @ Quint Technology

2x ServiceNow Developer MVP

2x ServiceNow Community MVP

---

LinkedIn

Preview file
23 KB
Preview file
12 KB
  • 1,599 Views
Version history
Last update:
‎08-12-2024 09:09 AM
Updated by:
Tera Patron
Contributors